Certified Secure Software Lifecycle Professional (CSSLP) 2019: Security Vulnerabilities

CSSLP 2019    |    Intermediate
  • 20 Videos | 1h 30m 20s
  • Includes Assessment
  • Earns a Badge
Likes 136 Likes 136
Explore how to identify and assess security vulnerabilities in this 20-video course, in which you will encounter essential secure coding techniques such as versioning, peer-based code reviews, code analysis, and anti-tampering techniques. First, become familiar with malicious practices and the threats outlined in the Open Web Application Security Project (OWASP) Top 10 list and the Common Weakness Enumeration (CWE) list of software weaknesses. You will soon be able to differentiate between CWE and Common Vulnerabilities and Exposure (CVE) lists. Next, learn to describe the characteristics of injection attacks, before watching demonstrations of input validation failures such as buffer overflows, canonical form, missing defense functions, and general programming failures. You will examine how to analyze reuse code for security vulnerabilities, identify malicious code, securely reuse third-party code, and securely integrate components. Finally, learners will hear discussions of defensive coding, side channels, social engineering attacks, source code and versioning. The course prepares learners for the (ISC)2 CSSLP: Certified Secure Software Lifecycle Professional certification exam.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    locate and list the OWASP "Top 10"
    locate and list the CWE list of software weaknesses
    describe characteristics of injection attacks
    recognize input validation failures such as buffer overflow, canonical, missing defense functions, and general programming failures
    differentiate between common weakness enumerations and common vulnerabilities and exposure
    describe side channels
    describe social engineering attacks such as phishing
    identify source code and versioning best practices
    identify build environment best practices such as anti-tampering techniques and compiler switches
  • recognize characteristics of peer-based code reviews
    distinguish between static and dynamic code analysis
    list the steps for code signing
    analyze reused code for security vulnerabilities
    differentiate between static and dynamic analysis
    search for and identify malicious code
    securely reuse third party code or libraries
    recognize how to securely integrate components such as systems of systems integration
    debug security errors
    summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE